Content

Unsporting Bagle mutant turns Turin ticket tout

Security experts have advised users not to panic over an unsporting new version of the Bagle worm which poses as a message offering free tickets to the Winter Olympics in Turin.

The Bagle-CM spyware worm spreads as an attachment within emails using subject lines that include:

'FREE OLYMPIC TICKETS LOTTERY!'
'2006 Winter Games in Torino'
'2006 Torino Winter Games FREE Tickets'

The virus spreading attachments use the file names that include 'Generated_bill.exe', 'Order_details.exe', and 'Service_receipt.exe'. The body of the email claims to come from a company selling tickets for the games in Turin, Italy, and even offers tickets to Olympic final events. However, if the attached file is run, the worm can steal information from the computer and allow hackers to gain remote access.

"This latest incarnation of the Bagle worm is hiding behind the flag of the Winter Olympics in an attempt to infect the unwary. But sensible precautions and a spoonful of common sense should ensure nobody is left vulnerable to their computer being struck down," said Graham Cluley, senior technology consultant for Sophos.

"Companies are best protected by automating their anti-virus protection and putting a policy in place at their email gateway to block unsolicited executable code from the outside world."

Despite its sporting camouflage, the Bagle-CM worm is not currently spreading in large numbers. Sophos has been protecting businesses against the Bagle-CM worm since 01:33 GMT on 14 February 2006.

The Bagle-CM worm also attempts to spread via P2P file-sharing systems posing as nude pictures of actress Kate Beckinsale, or erotic content related to hotel chain heiress Paris Hilton and pop starlet Britney Spears.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.